[Standards] [Fwd: [Council] meeting minutes, 2007-05-16]
Rachel Blackman
rcb at ceruleanstudios.com
Fri May 18 17:40:08 CDT 2007
> Better, I think, to randomize the resource identifiers. That makes
> the attack a lot harder, and it is something that's under the
> user's control (just use a client that randomizes the resource
> identifiers).
Or have servers which can generate a random resource on connection.
(Again, see Google Talk.) This is why we have XMPP bind stanzas,
after all, right? So the server can tell you what resource to use? :)
If we start trying to second-guess everything and prevent presence
leaks everywhere by doing things like legislating the order of
children in an XML element (to obscure if it's a client or server
response), we're going to make the bar to entry to adopting XMPP
much, much higher.
If we /do/ go that direction, I would think it would be the
responsibility of the server to normalize IQ error replies to match
its own format, rather than coming up with one diehard unchanging
specification for ordering children and tags and whatever else.
Otherwise, just to be /certain/, a client would have to probe a
server on connection, discover how the server handles errors, and
then emulate it.
Either way, it's a ton of extra work for everyone, for something that
doesn't seem a significant amount of gain. As Peter points out, just
randomizing resource identifiers is far easier. And that's something
which can be done on either client /or/ server side.
--
Rachel Blackman <rcb at ceruleanstudios.com>
Trillian Messenger - http://www.trillianastra.com/
More information about the Standards
mailing list